Documentation forServ-U File Server

15.1 Release Notes

Release date: June 3, 2014

These release notes describe the new features, improvements, and fixed issues in Serv-U File Server 15.1. They also provide information about upgrades and describe workarounds for known issues.

If you are looking for previous release notes for Serv-U File Server, see Previous Version documentation.

Serv-U no longer supports Internet Explorer 7.

New features and improvements in Serv-U

Return to top

Serv-U v15.1 includes the following new features and improvements:

  • Automated file management

    Serv-U can be set up to automatically delete or archive files within specified folders after a configurable number of days.

  • Multiple SSH/SFTP keys per user

    For the purposes of public authentication, Serv-U supports associating multiple public keys with a user account.

  • Enhanced file sharing

    Serv-U now supports creating anonymous file shares, searching in file shares, setting file sharing options on the administrative level, sharing files larger than 2GB, and sharing files that are already on the server.

  • Updated New Domain Wizard

    The wizard is graphically enhanced, and contains an extra step to assist in the configuration of a file sharing domain.

  • Redesigned and enhanced FTP Voyager JV and Management Console landing page and navigation controls

    The Management Console landing page displays useful statistics immediately after login, and navigation among menu items is quicker and easier. The Management Console also informs administrators of the status of their software maintenance.

  • Custom branding for the guest user UI

    It is now possible to define custom logos to be displayed in File Sharing and the Web Client.

  • In product notifications about new versions

    The availability of a new version is displayed for administrators in the Management Console.

  • Enhanced email notification of file shares

    The "File uploaded to share" and the "File downloaded from share" email notifications now contain a link to the FileShare details page.

  • Enhanced Web Client Pro launching indication

    Web Client Pro now indicates the process of launching directly in the Java applet.

  • Improved LDAP authentication process

    The LDAP authentication process is compatible with more LDAP servers and configurations, and it is possible to specify the connection account information for LDAP servers.

  • Enhancements in setting up the user interface

    The Web Client can now be disabled.

  • Updated file share details page

    Users can save a new password for a file share, and the page also includes pagination controls for the file download history.

  • Updated Serv-U Tray About box

    The box now uses a single Close button instead of the dual OK/Cancel button.

  • Changed location for pid and memory files on Linux

    The pid is now stored in /var/run, and the memory-mapped file is stored in /var/tmp instead of /tmp.

  • Enhanced logging

    The additional logging helps diagnose user authentication issues, including targeted LDAP error information, and issues with accessing a user account's home directory.

  • New option for setting up password autocompletion

    It is possible to configure whether password autocompletion is allowed on the Serv-U login screen.

  • What's New resource

    The resource displays the new features contained in major releases of Serv-U.

  • Enhanced File Sharing client

    The paging mechanism of the View All pages within the client has been improved.

  • Improved Web Client access for guest users

    Guest users can access the main Web Client login screen by removing the share token from the URL.

  • Improved logic of the Guest Email Address(es) field in the File Sharing wizards

    It is possible to paste a string into the field, and all valid email addresses are extracted from it.

  • Enhanced menus in the Web Client

    The dynamic right-click menus in the Web Client are updated to a newer look and feel.

  • Improved HTTP response header settings

    It is possible to remove the Serv-U version information from HTTP response headers.

Fixed issues

Return to top

Serv-U 15.1 fixes the following issues.

Case Number Description


Serv-U responded to regular HTTP requests on an HTTPS listener if it could not load the certificate or the private keys configured for use with SSL.


The Management Console was loading slowly after an upgrade.


Fixes to potential security issues.

527765, 519715, 509478

The custom logo was not displayed correctly in the Web Client and the File Sharing user interfaces.


A global user could access the File Sharing interface even if it was disabled on the domain level.


It was possible to directly navigate to a Serv-U directory without logging in. However, users were not allowed to perform any actions on the page since they were not logged in. Serv-U now redirects users to the login page when they try to access a directory without authentication.

552775, 519582

The Default Web Client interface was not working if the other client interfaces were disabled.


404 error occurred on Linux systems when a group admin user logged in to the Web Client and used the Jump to menu to return to the Management Console.


Creating a limit to allow users to change password at the Group level caused display issues with the group's password limits.

515528, 524288

Guest users could not upload or download files from virtual domains.


When clicking View All Requested in the File Sharing client, the pages were only partially displayed.


Transparency did not work with custom logos on Linux.


Error during file upload when the upload directory was read-only.

583129, 580145

Connections from internal IP addresses could receive a PASV IP address in use by the Serv-U gateway when a permanent PASV port range was assigned to Serv-U.


The case sensitivity of the LDAP login ID caused file share queries to fail.


The Web Client was loading slowly over HTTPS.


For users authenticating through Windows Authentication, the Organizational Units (OUs) were not retrieved, unless the full UPN was used during login.


When the Block "FTP_bounce" attacks option was turned on, PASV mode data connections through a gateway were broken.


Javascript error in the Spanish version of Serv-U.


When the internet connection was interrupted during a file upload to the file share, the partially uploaded, corrupted files were not deleted automatically.


OU membership was not parsed for an LDAP user, unless that user also belonged to at least one security group.


Browsing to select the file share repository folder did not insert the full path if the folder was selected without navigating into it.

513264, 543426

For users authenticating through Windows Authentication, it might not be possible to use the file sharing feature without the server administrator granting domain users access to the file sharing repository on the system.


SSH key files were migrated incorrectly from an Oracle database.


Email addresses failed to be imported from an Oracle database.


Database columns were generated incorrectly when an Oracle database was used.

504147, 601820, 598159, 568919

Fixes to the following Linux issues:

  • Serv-U did not load the LibGD properly on distributions using version 3 of the LibGD package. Serv-U now attempts to load the latest package using a symbolic link which is present on most distributions.
  • Linux installer bug where Serv-U and Serv-U Gateway services were not removed during an uninstallation.
  • Linux installer bug where the console mode install of Serv-U Gateway did not respect the user's choices regarding installing as a service and running the Gateway after installation.
  • System variable parameters are passed incorrectly to external applications.
  • When an "Execute Command" event was triggered, defunct processes were left behind.
  • An issue introduced in version, where Serv-U did not release the socket for connections coming from a banned IP address. This caused Serv-U to stop functioning properly when it reached the maximum number of open file descriptors allowed by the operating system.


Fixes to the following potential security issues:

  • Cookies delivered over HTTPS before the user logs in were not marked with the "secure" attribute. These cookies do not contain confidential data but could cause warnings in security scanning software.
  • Serv-U did not set the "no-store" property in the Cache-Control of HTTP response headers for files that should not be cached.
  • Serv-U could reveal valid login IDs using the HTTP password recovery feature that reported a distinct error message when an invalid login ID was supplied.
  • Certain cookies could be susceptible to XSS/HTML injections. These cookies did not contain confidential data but could cause warnings in security scanning software.
  • Certain HTTP request parameters could be susceptible to XSS/HTML injections. These vulnerabilities were found using security scanning software.


When Internet Explorer was used, the SMTP notification text was running over onto the boundary of the File Sharing Settings area in the File Sharing tab of the Limits and Settings page.


The FTP Voyager JV launch page showed Google Chrome instructions on an Opera 15+ browser.


Fixes to Web Client user interface issues.


Fixes to the following Mobile Web Client issues:

  • The Logout button caused the browser to enter into a recursive redirect state.
  • The copyright information was not displayed correctly.


Fixes to the following Web Client Pro issues:

  • Dialogs were pushed behind the browser window on Mac OSX operating systems.
  • A bug introduced with JRE1.7_45, where a JRE security prompt was displayed regarding javascript-to-java calls.

The SMTP confirmation prompt appeared behind the successful creation prompt of an incoming file share.


Legal notices

Return to top

Copyright © 1999-2015 SolarWinds Worldwide, LLC. All rights reserved worldwide.

No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.


The SOLARWINDS, the SOLARWINDS & Design, DAMEWARE, ORION, and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies. Microsoft®, Windows®, and SQL Server® are registered trademarks of Microsoft Corporation in the United States and/or other countries.